WO2012001762A1 - Système de gestion et procédé de gestion pour système informatique - Google Patents

Système de gestion et procédé de gestion pour système informatique Download PDF

Info

Publication number
WO2012001762A1
WO2012001762A1 PCT/JP2010/060999 JP2010060999W WO2012001762A1 WO 2012001762 A1 WO2012001762 A1 WO 2012001762A1 JP 2010060999 W JP2010060999 W JP 2010060999W WO 2012001762 A1 WO2012001762 A1 WO 2012001762A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
management
additional component
authentication
management system
Prior art date
Application number
PCT/JP2010/060999
Other languages
English (en)
Japanese (ja)
Inventor
正義 松本
黒田 沢希
諭 福田
紅山 伸夫
充則 里見
Original Assignee
株式会社日立製作所
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社日立製作所 filed Critical 株式会社日立製作所
Priority to CN201080066369.2A priority Critical patent/CN102859505B/zh
Priority to PCT/JP2010/060999 priority patent/WO2012001762A1/fr
Priority to US12/937,961 priority patent/US8553564B2/en
Priority to JP2012522368A priority patent/JP5406988B2/ja
Publication of WO2012001762A1 publication Critical patent/WO2012001762A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/305Authentication, i.e. establishing the identity or authorisation of security principals by remotely controlling device operation

Definitions

  • the present invention relates to a management system and a computer system management method.
  • the computer system is configured, for example, by connecting various node devices such as a host computer, a storage device, and a switch device to a communication network. Managing each node device included in the computer system is an important task in the operation of the computer system.
  • Patent Document 1 a technique for acquiring information from a node device, for example, a technique disclosed in Patent Document 1 is known. According to Patent Document 1, a device having an IP address in a designated IP address range is discovered, and information is acquired from the discovered device.
  • an object of the present invention is to provide a management system and a computer system management method that make it possible to manage a device to be managed more easily.
  • Other objects of the present invention will become clear from the description of the embodiments described later.
  • a communication interface for connecting to a plurality of managed devices, a management program, a memory for storing a plurality of additional component information and a plurality of additional component application condition information, a microprocessor,
  • Each of the plurality of additional component information includes all or part of setting information or processing procedures for acquiring management information from the plurality of management target devices, and includes a plurality of additional component application conditions.
  • the information includes an identifier of the corresponding additional component information and a condition for receiving information from a plurality of management target devices based on the corresponding additional component information.
  • the microprocessor By executing the management program, the microprocessor: ) A plurality of pieces of first information are received from a plurality of management target devices through the communication interface, and a plurality of management target devices are configured based on the plurality of first information. Whether or not information is stored in a memory, and (b) a plurality of pieces of second information are acquired from a plurality of managed devices using a plurality of pieces of additional component information based on configuration information and a plurality of pieces of additional component application condition information (C) and (b), a plurality of pieces of second information are received from a plurality of management target devices via a communication interface using a plurality of additional component information. ) Disclosed is a management system that creates or updates management information for a plurality of management target devices in a memory based on a plurality of second information.
  • the present invention can also be understood as a computer system management method. Furthermore, at least a part of the configuration of the present invention can be configured as a computer program.
  • the computer program can be distributed fixed to a recording medium, or distributed via a communication medium. A configuration in which all or part of the computer program is realized as a dedicated hardware circuit may be used.
  • the computer program according to the present embodiment may be distributed by a distribution computer. In this case, the distribution computer transmits (1) an installation program or computer program for installing a computer program to be distributed, (2) a CPU for processing an acquisition request for the installation program or computer program, and (3) an installation program or computer program. Communication interface.
  • FIG. 1 is an explanatory diagram schematically showing the outline of the embodiment.
  • FIG. 2 is an overall configuration diagram of a computer system including a system management apparatus.
  • FIG. 3 is a configuration diagram of the system management apparatus.
  • FIG. 4 is a configuration diagram of the node device and the input / output terminal.
  • FIG. 5 shows a node management table.
  • FIG. 6 shows an access information management table.
  • FIG. 7 shows an example of plug-in application condition definition.
  • FIG. 8 shows an example of the plug-in definition.
  • FIG. 9 shows a basic information management table.
  • FIG. 10 shows a detailed information management table.
  • FIG. 11 shows an additional information management table.
  • FIG. 12 shows a plug-in application state management table.
  • FIG. 13 shows a plug-in management table.
  • FIG. 14 shows basic information held by the node device.
  • FIG. 15 shows detailed information held by the node device.
  • FIG. 16 is a flowchart of the regular monitoring process.
  • FIG. 17 is a flowchart of basic information acquisition processing.
  • FIG. 18 is a flowchart of the detailed information acquisition process.
  • FIG. 19 is a flowchart of the state monitoring process.
  • FIG. 20 is a flowchart of plug-in application processing.
  • FIG. 21 is a flowchart illustrating processing for applying a plug-in for each target device.
  • FIG. 22 is a flowchart of processing for displaying a plug-in application result.
  • FIG. 23 is a plug-in application result display screen.
  • FIG. 24 shows a node management screen.
  • FIG. 25 is a flowchart illustrating plug-in application processing for each target device according to the second embodiment.
  • FIG. 25 is a flowchart illustrating plug-in application processing for each target device according to the second embodiment.
  • FIG. 26 shows an access information management table.
  • FIG. 27 is a flowchart illustrating plug-in application processing for each target device according to the third embodiment.
  • FIG. 28 is a block diagram of a system management apparatus according to the fourth embodiment.
  • FIG. 29 shows a node management screen.
  • FIG. 30 shows a screen for supporting the solution of the authentication error.
  • FIG. 31 shows a screen for correcting the access information.
  • FIG. 32 shows a screen for creating new access information.
  • FIG. 33 is a flowchart of the display process.
  • the additional information is information on a monitoring target device that can be newly acquired by an additional component program added to the management computer (management system or system management device).
  • the additional component program is added to the management computer in accordance with an instruction such as a command.
  • the basic information and the detailed information are information that can be acquired from the management target device (node device) by the management computer as standard, or information that can be acquired without using an additional component program.
  • “information that can be acquired from the management target device by default” by the management computer means one or more of the following.
  • (C) Information that can be obtained by a management interface for example, Windows Management Interface (WMI)
  • WMI Windows Management Interface
  • a general-purpose OS such as Windows (registered trademark) or UNIX (registered trademark) when the management program is provided.
  • (D) Information that can be acquired by a monitoring protocol for example, Simple Network Management Protocol (SNMP)
  • SNMP Simple Network Management Protocol
  • a device such as FC-Switch or Storage system (for example, Storage Management Initiative-Specification (SMI-S)) when the management program is provided.
  • SI-S Storage Management Initiative-Specification
  • (F) Information that can be acquired by a hardware monitoring interface for example, Intelligent Platform Management Interface (IPMI)
  • IPMI Intelligent Platform Management Interface
  • information may be described using expressions such as an abc table, an abc list, an abc database, and an abc queue.
  • the information described in the present embodiment may have a structure other than the table structure, the list structure, and the database structure.
  • expressions such as identifiers, identification information, names, IDs, and the like may be used, but these can be replaced with each other.
  • each processing described later is realized by the microprocessor reading and executing each program stored in the memory. Therefore, the subject of each process may be a program or a microprocessor. Alternatively, the subject of each process can be described as a system management device or a controller.
  • FIG. 1 is an explanatory diagram showing an outline of one embodiment.
  • FIG. 1 shows a simplified operation outline of the management system.
  • FIG. 1 is prepared to assist in understanding the present invention, and is not intended to limit the scope of the present invention to the illustrated configuration. All of the features shown in FIG. 1 are not necessarily essential elements of the present invention.
  • the management system 1 is a device for managing a plurality of management target devices 2 (1), 2 (2), 2 (3) (hereinafter referred to as a management target device 2 unless otherwise distinguished).
  • the detailed configuration of the management system 1 will be described later.
  • the management target device 2 is, for example, a server computer, a storage device, a network device, or the like.
  • the management system 1 includes a plurality of additional component information 1A (1), 1A (2), a plurality of additional component application conditions 1B (1), 1B (2), and a plurality of first information 1C (1), 1C ( 2), a plurality of determination units 1D (1), 1D (2), and a plurality of second information 1E (1), 1E (2).
  • the additional component application condition is abbreviated as “application condition” for convenience.
  • additional component information 1A additional component application condition 1B
  • first information 1C determination unit 1D
  • second information 1E second information 1E
  • FIG. 1 the case of “2” will be described as an example of “plurality”, but is not limited to 2, and may be 3 or more.
  • the management system 1 acquires the first information 1C from each managed device 2.
  • the first information 1C corresponds to “information that the management computer can acquire from the management target device as a standard”. Examples of the first information include basic specifications such as a node name, a vendor name, a model name, and CPU (Central Processing Unit) performance.
  • the management system 1 determines whether or not each additional component information 1A can be applied to each managed device 2.
  • the determination unit 1D can apply the additional component information 1A corresponding to the additional component application condition 1B to the management target device 2 corresponding to the first information 1C by comparing the additional component application condition 1B and the first information 1C. It is determined in advance whether or not.
  • the management system 1 acquires the second information 1E from the management target device 2 using the additional part information 1A.
  • the second information 1E includes at least one of the configuration, state, performance, and failure of the management target device 2.
  • the management system 1 manages the management target device 2 using the second information 1E.
  • the information acquisition result using one additional component information 1A (1) is notified to the other additional component information 1A (2) as indicated by reference numeral 3.
  • the other determination unit 1D (2) acquires the second information 1E (2) from the management target device 2 using the information acquisition result.
  • authentication information for example, information including a user ID and / or password; access information described later
  • the second information 1E If the authentication information set in the management target device 2 and the authentication information held in the management system 1 do not match, the second information cannot be extracted from the management target device 2.
  • authentication information is managed in association with each communication protocol, instead of managing authentication information in association with each management target device 2.
  • the management system 1 tries the authentication information for each communication protocol for each additional component information 1A.
  • the authenticity of authentication is recorded in a table.
  • the determination unit 1D (1) that performs the determination on the additional component information 1A (1) transmits the authentication information for each communication protocol to the determination unit 1D (2) that performs the determination on the additional component information 1A (2).
  • Information about the management target apparatus 2 that could not be used is notified.
  • the information can also be called, for example, “authentication result information indicating the authentication information for each communication protocol and the authentication result of each managed device 2”.
  • the other determination unit 1D (2) executes the authentication process for the additional component information 1A (2) using the authentication result information in the previously processed additional component information 1A (1). Therefore, there is no need to try authentication information that is known to be useless.
  • whether or not the second information 1E is acquired from the management target device 2 using the additional component information 1A by comparing the first information 1C acquired from the management target device 2 with the additional component application condition 1B. Can be determined in advance. Therefore, the management target device 2 that is not supported by the additional component information 1A can be removed in advance from the acquisition target of the second information. Thereby, the time required for acquiring the 2nd information 1E from each management object apparatus 2 can be shortened. As a result, the time required for system management can be shortened and management efficiency can be increased.
  • authentication information is set for each communication protocol, and the authentication result information of the additional component information 1A (1) processed earlier is used for the processing of the next additional component information 1A (2). To do. Therefore, authentication can be performed efficiently without trying authentication information that is known to fail. As a result, the second information 1E can be acquired from the management target device 2 in a relatively short time.
  • a configuration for supporting the user's operation when the second information 1E cannot be acquired using the additional part information 1A is disclosed.
  • the user can modify existing authentication information or create new authentication information using the operation support screen. Thereby, the user's usability improves.
  • FIG. 2 shows a computer system including a system management device.
  • the computer system includes a system management device 10 as a “management system”, a plurality of management target devices 20 (1), 20 (2), 20 (3), an input / output terminal 30, a distribution device 40, and each of them. And a communication network CN that interconnects the devices 10, 20 (1), 20 (2), 20 (3), 30, and 40. Unless otherwise distinguished, the management target devices 20 (1), 20 (2), and 20 (3) are referred to as management target devices 20.
  • the system management apparatus 10 corresponds to the management system 1
  • the management target apparatus 20 corresponds to the management target apparatus 2.
  • Basic information and detailed information (tables 1035 and 1036) to be described later are in the first information 1C
  • additional information to be described later (table 1037) is in the second information 1E
  • plug-in application condition definition 1033 to be described later is in the additional component application condition 1B.
  • a plug-in definition 1034 described later corresponds to the additional component information 1A.
  • the management target device 20 includes a plurality of types of devices.
  • One managed device 20 (1) is a server computer.
  • the server computer provides various services to client computers (not shown) by executing application programs.
  • it may be referred to as a server computer 20 (1).
  • the other managed device 20 (2) is a storage device.
  • the storage device stores data used by the server computer.
  • the storage device 20 (2) may be called.
  • Still another managed device 20 (3) is a network device.
  • the network device is configured as a switch device or a router device, for example.
  • the network device 20 (3) may be called.
  • the management target device may be referred to as a node device.
  • the management target is not limited to the entire apparatus, but may be hardware or software that constitutes a part of the apparatus.
  • the input / output terminal 30 is a computer for inputting information to the system management apparatus 10 and extracting information from the system management apparatus 10.
  • the input / output terminal 30 is used by a user who is a system administrator.
  • the distribution device 40 can be configured as a website operated by each vendor that provides each node device 20, for example.
  • the operating entity is not limited to a vendor, and may be, for example, a system maintenance specialist or a software vendor. In FIG. 2, only one distribution device 40 is shown, but a plurality of distribution devices 40 corresponding to each vendor may exist.
  • the distribution apparatus 40 transmits plug-in data that is the basis of the plug-in definition 1034 to the system management apparatus 10.
  • the system management apparatus 10 creates a plug-in definition 1034 based on the plug-in data.
  • the distribution apparatus 40 transmits plug-in data to the system management apparatus 10 via the communication network CN in response to a request from the system management apparatus 10 or without waiting for a request from the system management apparatus 10.
  • the user can access the distribution device 40 and acquire plug-in data corresponding to the new managed device.
  • the plug-in data may be automatically transmitted from the distribution apparatus 40 to the system management apparatus 10 before or after the new node apparatus is provided to the market from the vendor.
  • the plug-in definition 1034 is information for associating with a predetermined node device and acquiring configuration information and / or performance information from the predetermined node device.
  • the predetermined node device means a computer device newly added to the computer system and / or hardware or software constituting the computer device. For example, out of software components newly mounted on the system management apparatus 10 with the state at the time of system construction as a reference, software parts used for managing node devices can be called plug-in definition information. However, it is not limited to this definition.
  • the plug-in definition 1034 includes, for example, a method for acquiring information from a node device (for example, communication protocol type, login information) and items of information to be acquired from the node device (for example, Product information, status value, performance value, etc.) and information for mapping information acquired from the node device to the node management model (for example, information for specifying an icon) so as to include at least one piece of information Composed.
  • a node device for example, communication protocol type, login information
  • items of information to be acquired from the node device for example, Product information, status value, performance value, etc.
  • information for mapping information acquired from the node device to the node management model for example, information for specifying an icon
  • the plug-in definition 1034 may have any form such as a file format, a single row in a table, or a program format.
  • the plug-in definition 1034 may be configured to store a procedure for acquiring information from the node device, or may be configured as a program for acquiring information from the node device.
  • the system management device 10 accesses the node device based on the plug-in definition 1034 and acquires necessary information from the node device.
  • the node device whose information is correctly read out by the system management device 10 is set as a new management target.
  • the system management apparatus 10 may be able to acquire information from the node apparatus without using the plug-in definition 1034.
  • the system management apparatus 10 can acquire information (basic information and detailed information) from the node apparatus without using the plug-in definition 1034.
  • the system management device 10 should acquire a method for acquiring information from the new node device, and I often do not know information items. Therefore, the system management apparatus 10 acquires plug-in data corresponding to the plug-in definition corresponding to the new node apparatus from the distribution apparatus 40.
  • FIG. 3 shows the configuration of the system management apparatus 10.
  • the system management apparatus 10 includes, for example, a microprocessor 101, a memory 102, and a communication interface 103.
  • the memory 102 for example, a plurality of computer programs 1021-1028 and a plurality of information 1031-1039 are stored.
  • the plurality of computer programs corresponding to the “management program” include, for example, a periodic monitoring program 1021, a basic information acquisition program 1022, a detailed information acquisition program 1023, a status monitoring program 1024, a plug-in application program 1025, a plug An in-registration program 1026, an access information registration program 1027, and a result display program 1028 are included.
  • the plurality of information includes, for example, a node management table 1031, an access information management table 1032, a plug-in application condition definition 1033, a plug-in definition 1034, a basic information management table 1035, a detailed information management table 1036, An additional information management table 1037, a plug-in application state management table 1038, and a plug-in management table 1039 are included. Details of each information (including the table) will be described later.
  • the microprocessor 101 implements predetermined processing shown in FIGS. 16 to 22 by appropriately reading and executing the programs 1021 to 1028. Details will be described later.
  • the communication management port 103 is a communication port for communicating with each node device 20, the input / output terminal 30, and the distribution device 40 via the communication network CN.
  • the memory 102 is configured as a storage resource such as a ROM (Read Only Memory), a RAM (Random Access Memory), an auxiliary storage device, and the like. That is, the memory 102 can include one or a plurality of storage areas.
  • the memory 102 is not limited to a single type of semiconductor memory, but is a concept including other types of storage devices such as an auxiliary storage device, which is common in the following description.
  • system management apparatus 10 does not have to be composed of a single computer, and a single system management apparatus may be composed of a plurality of computers. Further, the system management apparatus 10 does not have to manage each node apparatus individually, and can also manage a plurality of node apparatuses in groups and manage them in units of groups.
  • FIG. 4 shows a configuration example of the input / output terminal 30 and the node device 20.
  • the input / output terminal 30 includes, for example, a microprocessor 301, a memory 302, and a communication interface 303.
  • the memory 302 stores a GUI (Graphical User Interface) program 3021 such as a web browser.
  • the microprocessor 301 reads and executes the GUI program 3021 to input a user instruction via a screen provided from the system management apparatus 10 or display a screen provided from the system management apparatus 10 on the input / output terminal 30. Display on a display device.
  • GUI Graphic User Interface
  • the node device 20 includes, for example, a microprocessor 201, a memory 202, and a communication interface 203.
  • the memory 202 stores an information acquisition program 2021, device-side basic information 2022, and device-side detailed information 2023.
  • the microprocessor 201 collects basic information and detailed information in its own device by reading and executing the information acquisition program 2021.
  • the microprocessor 201 stores the collected basic information in the memory 202 as device-side basic information 2022 and the collected detailed information as device-side detailed information 2023, respectively.
  • the microprocessor 201 transmits the device-side basic information 2022 and the detailed information 2033 to the system management device 10 in response to a request from the system management device 10 or voluntarily.
  • the node device has a configuration corresponding to its type.
  • a storage device includes a plurality of physical storage devices, a plurality of logical storage devices (logical volumes), and a controller.
  • the storage device provides a logical volume to the server computer.
  • Data (including files) used by the server computer is stored in the logical volume.
  • a network device such as a switch or a router includes a plurality of communication ports and a controller.
  • FIG. 5 shows an example of the node management table 1031.
  • the node management table 1031 is a table for managing managed node devices included in the computer system.
  • the node management table 1031 includes, for example, a node ID 10311, an IP address 10312, a basic protocol 10313, an access information ID 10314, a pointer 10315 for referring to the basic information acquisition program, and a detailed information acquisition program.
  • Pointer 10316 is a table for managing managed node devices included in the computer system.
  • the node management table 1031 includes, for example, a node ID 10311, an IP address 10312, a basic protocol 10313, an access information ID 10314, a pointer 10315 for referring to the basic information acquisition program, and a detailed information acquisition program.
  • Pointer 10316 Pointer 10316.
  • the node ID 10311 is information for identifying each node device 20.
  • the IP address 10312 is information indicating a position on the communication network for accessing each node device. Any information that can be accessed by the system management apparatus 10 is acceptable, and the information is not limited to an IP address. For example, instead of an IP address, an identifier on the network such as an iSCSI (internet Small Computer System Interface) name may be used.
  • iSCSI Internet Small Computer System Interface
  • the basic protocol 10313 indicates a communication protocol used by the system management apparatus 10 to acquire basic information and detailed information from the node apparatus 20.
  • Examples of basic protocols include WMI, SNMP, SMI-S, and IPMI.
  • the access information ID 10314 is information for specifying access information as “authentication information”.
  • the system management device 10 refers to the access information management table 1032 shown in FIG. 6 on the basis of the access information ID, and thereby obtains basic information and detailed information from the node device 20 using the basic protocol. ID and / or password can be detected.
  • the reference pointer 10315 of the basic information acquisition program is information for detecting the basic information acquisition program 1022 that acquires the basic information from the node device 20.
  • the reference pointer 10316 of the detailed information acquisition program is information for detecting the detailed information acquisition program 1023 that acquires detailed information from the node device 20.
  • a basic information acquisition program 1022 and a detailed information acquisition program 1023 are prepared according to the type of each node device.
  • the node device is a server computer
  • a basic information acquisition program 1022 (1) and a detailed information acquisition program 1023 (1) for the server computer are used.
  • the node device is a network device (IP-SW)
  • IP-SW IP-SW basic information acquisition program 1022 (2) and a detailed information acquisition program 1023 (2) are used.
  • the system management apparatus 10 can collect basic information and detailed information from each node apparatus 20 by using the node management table 1031.
  • FIG. 6 shows an example of the access information management table 1032.
  • the access information management table 1032 includes, for example, a protocol type 10321 and a pointer 10322 to a sub table.
  • the protocol type is abbreviated as “protocol”.
  • Sub-tables 1032ST1, 1032ST2, 1032ST3 and 1032ST4 are prepared for each communication protocol.
  • the WMI sub-table 1032ST1 includes, for example, an ID 103221 for identifying access information, an access information name 103222, a user ID 103223, a password 103224, and a used flag 103225 indicating that it has been used. Prepare.
  • the SSH sub-table 1032ST2 includes a communication port number 103226 in addition to the above-mentioned 103221-103225.
  • the SNMP subtable 1032ST3 includes a community name 103227 in addition to the ID 103221, name 103222, used flag 103225, and communication port number 103226.
  • the SNMP subtable 1032ST3 uses the communication port number 103226 and the community name 103227 instead of the user ID 103223 and the password 103224.
  • the SMI-S subtable 1032ST4 includes a name space 103228 in addition to the ID 103221, the name 103222, the communication port number 103226, and the used flag 103225 described above.
  • the SMI-S subtable 1032ST4 uses the communication port number 103226 and the name space 103228 instead of the user ID 103223 and the password 103224.
  • access information is set for each communication protocol.
  • access information is not associated with each node device.
  • by associating access information for each communication protocol unusable access information can be easily extracted and authentication processing can be performed efficiently.
  • FIG. 7 shows an example of the plug-in application condition definition 1033.
  • the plug-in application condition definition 1033 indicates a predetermined condition for applying a plug-in (hereinafter, a function realized by the plug-in definition 1034 may be referred to as a plug-in) to the node device 20.
  • the plug-in application condition definition 1033 is created in a structured tag language such as XML (eXtensibleeMarkup Language), for example.
  • the plug-in definition 1034 can also be described in a language such as XML.
  • the plug-in application condition definition 1033 includes, for example, a pre-check condition 10331, an authentication check condition 10332, and an instance check condition 10333.
  • the pre-check condition 10331 is a condition for determining whether or not the plug-in can be applied to the node device based on the basic information acquired from the node device 20.
  • the vendor name is described in the precheck condition 10331.
  • a node device provided by the same vendor as the vendor name described in the precheck condition 10331 satisfies the precheck condition 10331.
  • a node device provided from a vendor different from the vendor name described in the pre-check condition 10331 does not satisfy the pre-check condition 10331, and it is determined that there is no applicability of the plug-in.
  • the pre-check condition 10331 not only the vendor name but also a node name (node type) included in the basic information or / and a model name included in the basic information can be used, for example.
  • a node name node type
  • a model name included in the basic information can be used, for example.
  • the vendor name and the model name are described in the precheck condition 10331, only the node device 20 having the vendor name and model name satisfies the precheck condition 10331.
  • the authentication check condition 10332 is a condition for determining whether or not the authentication process in the node device 20 has succeeded. The authentication check is performed when the pre-check is successful. With respect to a certain plug-in, each node device 20 is repeatedly accessed using a predetermined communication protocol (basic protocol) and each access information set in the predetermined communication protocol. The node device 20 executes an authentication process based on the access information input from the system management device 10. The authentication check is performed in order to find (determine) access information used in the plug-in.
  • a predetermined communication protocol basic protocol
  • predetermined information can be acquired from a predetermined area of the memory 202 of the node device 20. If the acquired value is the same as the value defined in the authentication check condition 10332, the authentication check condition is satisfied. For example, when 10 pieces of access information are registered for a predetermined communication protocol, the system management apparatus 10 selects the 10 pieces of access information in order and accesses one node device 20 a total of 10 times. And receive authentication processing.
  • the node device 20 that satisfies the precheck condition 10331 among all the node devices 20 discovered on the computer system is subjected to the authentication process. Therefore, the total number of accesses to each node device 20 by the system management device 10 can be reduced, and the time for determining whether or not plug-in can be applied can be shortened.
  • the ID of the node device that could not use the access information and the ID of the access information are stored in association with each other. It can also be used in the process of determining whether or not a plug-in can be applied. In this case, it is possible to receive authentication more efficiently by further reducing the number of authentications.
  • the instance check condition 10333 is a condition for determining whether or not the plug-in is applicable based on the detailed information acquired from the node device 20. Instance check is performed when authentication check is successful. It is determined whether or not information indicating basic specifications such as CPU specifications or versions included in the detailed information and / or information indicating basic performance included in the detailed information has been acquired from the node device 20. The plug-in can be applied to the node device 20 that has acquired the detailed information.
  • the authentication check and the instance check can be combined into one.
  • the time until the authentication check process is completed becomes long and the processing load of the system management apparatus 10 also increases.
  • the authentication check and the instance check are separated, and detailed information is acquired only when the authentication check is passed. Therefore, the authentication check process can be executed with a relatively small load, and the instance check can be performed only for the node device 20 that has passed the authentication check. Therefore, the processing time as a whole can be shortened and the processing load can be reduced.
  • FIG. 8 shows an example of the plug-in definition 1034.
  • FIG. 8 shows an example of a plug-in for acquiring the number of database transactions.
  • the number of database transactions is an example of “additional information”.
  • the plug-in definition 1034 shown in FIG. 8 includes, for example, the type of communication protocol used to acquire the number of database transactions from the node device 20, the item name (number of database transactions) to be acquired, a value, and additional information.
  • the storage position and item name for storage in the management table 1037 are described.
  • FIG. 9 shows a basic information management table 1035.
  • the basic information management table 1035 manages basic information that the system management apparatus 10 can acquire from the node apparatus 20 without applying any special effort.
  • the basic information management table 1035 includes, for example, a node ID 10351, a node name 10352, a vendor name 10353, and a model name 10354.
  • the node ID 10351 is information for identifying the node device 20.
  • the node name 10352 is the name of the node device.
  • the node name can also indicate the node type.
  • the vendor name 10353 is information for identifying the manufacturer or seller who is the provider of the node device 20.
  • the model name 10354 is information indicating the model of the node device 20.
  • FIG. 10 shows a detailed information management table 1036. Similar to the basic information management table 1035, the detailed information management table 1036 manages detailed information that the system management apparatus 10 can acquire from the node apparatus 20 without applying any special effort. In addition, when acquiring basic information, both the case where authentication in a node apparatus is unnecessary and the case where it is required are considered. The same applies to the case of detailed information.
  • the authentication information management table 1036 includes, for example, a node ID 10361 and a pointer 10362 indicating a sub table.
  • Sub tables 1036ST1 and 1036ST2 are prepared for each type of node device.
  • One sub-table 1036ST1 shown in FIG. 10 is a server computer sub-table.
  • the other sub-table 1036ST2 shown in FIG. 10 is a switch (IP-SW) sub-table.
  • the server computer sub-table 1036ST1 includes, for example, a CPU specification 103621, a CPU core count 103622, and a memory size 103623. Detailed information acquired from each server computer to be managed is stored in one sub-table 1036ST1.
  • the switch sub-table 1036ST2 includes, for example, the number of transmitted packets 103624, the number of received packets 103625, and the number of error packets 103626. Detailed information acquired from each network device (switch device) to be managed is stored in the other sub-table 1036ST2.
  • the storage device sub-table can manage the number of logical volumes and / or the number of communication ports as detailed information.
  • FIG. 11 shows an example of the additional information management table 1037.
  • the additional information management table 1037 manages additional information acquired from the node device 20 using plug-ins.
  • the additional information management table 1037 includes, for example, a node ID 10371 and a pointer 10372 to the sub table.
  • a sub-table is prepared for each node device 20.
  • the sub-table includes performance value management tables 1037ST1 and 1037ST2, and attribute management tables 1037ST3 and 1037ST4. That is, the performance value management table and the attribute value management table are associated with each node device.
  • Performance value management tables 1037ST1 and 1037ST2 manage performance values acquired from the node device 20 via plug-ins.
  • the performance value management tables 1037ST1 and 1037ST2 include, for example, a key 103721, a value 103722, and a plug-in ID 103723.
  • a key 103721 indicates an attribute having a value of 103722.
  • the plug-in ID 103723 is information for specifying the plug-in definition 1034 used to acquire the value 103722.
  • the attribute management tables 1037ST3 and 1037ST4 include a key 103721, a description 103724, and a plug-in ID 103723.
  • Description 103724 indicates the contents of the key 103721.
  • FIG. 12 shows an example of the plug-in application state management table 1038.
  • the plug-in application state management table 1038 manages the application state of each plug-in in each node device 20.
  • the plug-in application state management table 1038 includes a node ID 10381 and a pointer 10382 to the sub table.
  • Sub-tables 1038ST1 and 1038ST2 are prepared for each node device 20.
  • the sub tables 1038ST1 and 1038ST2 include, for example, a plug-in ID 103821, an applied flag 103822, a communication protocol 103823, an error occurrence location 103824, an access information ID 103825, and an error message 103826.
  • the applied flag 103822 is information indicating whether or not the plug-in specified by the plug-in ID 103821 has been applied to the node device 20.
  • the communication protocol 103823 is information indicating a communication protocol used for the plug-in to acquire additional information from the node device 20.
  • the error occurrence location 103824 is information indicating which process is determined to be inapplicable in a series of processes for determining whether or not a plug-in can be applied to the node device 20.
  • a series of processes for determining whether or not a plug-in is applicable is a pre-check process, an authentication check process, and an instance check process.
  • pre-check condition is not satisfied
  • authentication check condition is not satisfied
  • authentication check is recorded in the error occurrence location 103824.
  • instance check condition is not satisfied
  • “instance check” is recorded in the error occurrence location 103824.
  • “false” indicating application failure is recorded in the applied flag 103822, information indicating the process in which the error has occurred is recorded in the error occurrence location 103824.
  • a message notified to the user when an error occurs is stored.
  • a message such as “Plug-in P0007 failed in authentication check” is stored in advance.
  • FIG. 13 shows the plug-in management table 1039.
  • the plug-in management table 1039 is a table for managing each plug-in.
  • the plug-in management table 1039 includes, for example, a plug-in ID 10391, a name 10392, a pointer 10393 for referring to the plug-in application condition definition 1033, and a pointer 10394 for referring to the plug-in definition 1034.
  • Name 10392 is the name of the plug-in.
  • the pointer 10393 is information for referring to the plug-in application condition definition 1033.
  • the other pointer 10394 is information for referring to the plug-in definition 1034.
  • FIG. 14 shows an example of the device side basic information 2022.
  • the device side basic information 2022 is held in each node device 20.
  • the apparatus-side basic information 2022 stores, for example, a host name 20221, a vendor name 20222, and a model name 20223 as basic information.
  • FIG. 15 shows an example of the device side detailed information 2023.
  • the device-side detailed information 2023 is stored in the memory 202 of the node device 20 in the same manner as the device-side basic information 2022.
  • the device-side detailed information 2023 stores, for example, CPU specifications 20231, the number of CPU cores 20232, and a memory size 20233 as detailed information. As described in FIG. 10, the items of detailed information differ depending on the type of node device.
  • FIG. 16 is a flowchart of the regular monitoring process.
  • the flowchart shown in FIG. 16 is realized by executing the periodic monitoring program 1021.
  • the subject is referred to as a system management device.
  • the system management device 10 executes a process of acquiring basic information from each node device 20 (S10) and a process of acquiring detailed information from each node device 20 (S11). Furthermore, the system management apparatus 10 executes a process for applying the plug-in (S12). Details of S12 will be described later.
  • the system management apparatus 10 executes a process for displaying the plug-in application result on the screen (S13). Finally, the system management device 10 monitors each node device 20 based on information (performance information, status information, etc.) collected from each node device 20 (S14).
  • the basic information acquisition process (S10) is executed at a frequency of about once a week, for example.
  • the detailed information acquisition process (S11), the plug-in application process (S12), the result display process (S13), and the status monitoring process (S14) are, for example, shorter than the basic information acquisition process at a frequency of about once a day. Executed.
  • the basic configuration of the computer system does not change significantly, the basic information acquisition cycle may be set longer.
  • the processes of S11 to S14 are executed in a short cycle. Note that the above cycle setting is merely an example for explanation. A configuration in which the periods for executing the processes of S11 to S14 are different may be employed.
  • the execution cycle of the state monitoring process (S14) can be made shorter, for example, about once per hour.
  • FIG. 17 is a flowchart of basic information acquisition processing. This process corresponds to step S10 in FIG. This process is realized by executing the basic information acquisition program 1022.
  • the system management device 10 acquires a list of node devices from the node management table 1031 (S20), and executes S22 and S23 for all the node devices 20 (S21). That is, the system management device 10 acquires basic information (device-side basic information 2022) from the node device 20 (S22). The system management apparatus 10 stores the acquired basic information in the basic information management table 1035 (S23).
  • FIG. 18 is a flowchart of detailed information acquisition processing. This process corresponds to step S11 in FIG. This processing is realized by executing the detailed information acquisition program 1023.
  • the system management device 10 acquires a list of node devices from the node management table 1031 (S30), and executes S32 and S23 for all the node devices 20 (S31). That is, the system management apparatus 10 acquires detailed information (apparatus side detailed information 2023) from the node apparatus 20 (S32). The system management apparatus 10 stores the acquired detailed information in the detailed information management table 1036 (S33).
  • FIG. 19 is a flowchart of the state monitoring process. This process corresponds to step S13 in FIG. This processing is realized by executing the state monitoring program 1024.
  • the system management device 10 acquires a list of node devices from the node management table 1031 (S40), and executes S42, S43, and S44 for all node devices (S41). That is, the system management apparatus 10 acquires state information (including performance information) from the node apparatus 20 (S42), and determines whether an abnormality has occurred (S43). When it is determined that an abnormality has occurred (S43: YES), the system management apparatus 10 notifies the user via the input / output terminal 30 (S44). Alternatively, the occurrence of an abnormality may be notified by sending an e-mail to a mobile terminal (including a mobile phone) held by the user.
  • FIG. 20 is a flowchart of plug-in application processing. This process corresponds to step S12 in FIG. This processing is realized by executing the plug-in application program 1025.
  • the system management device 10 acquires a list of node devices from the node management table 1031 (S50), and executes S52, S53, and S54 for all the node devices (S51). That is, the system management apparatus 10 acquires a plug-in list from the plug-in management table 1039 (S52), and executes S54 for all plug-ins (S53). The system management device 10 determines whether to apply the plug-in to the target device (the node device that is the processing target) (S54).
  • each plug-in is applicable one by one for each node device 20.
  • the plug-in application candidates are narrowed down in advance based on the basic information and the detailed information, so that the time required for completing S54 can be shortened.
  • FIG. 21 shows details of S54 in FIG.
  • the system management device 10 determines whether or not the target device 20 satisfies the precheck condition for the target plug-in (S60). For example, if the name of the vendor that provides the target device 20 does not match the vendor name described in the precheck condition 10331 corresponding to the target plug-in (S60: NO), the target device 20 is not applicable to the target plug-in. Device.
  • the system management apparatus 10 sets “false” in the applied flag 103822 corresponding to the target plug-in of the target apparatus in the plug-in application state management table 1038 (S66).
  • the basic information and the detailed information can be collected from each node device 20 before executing the process of determining whether or not the plug-in can be applied. Therefore, in S60, it is possible to determine whether or not the precheck condition is satisfied based on the acquired basic information and detailed information without accessing the target node device. Thereby, it is possible to determine whether each plug-in can be applied to each node device without increasing the load on the communication network CN.
  • the target device If the target device satisfies the pre-check condition (S60: YES), the target device becomes a plug-in application candidate.
  • the system management apparatus 10 tries to acquire authentication check information from the target device by accessing the target device that has passed the pre-check using the access information (S61).
  • the authentication check condition 10332 is that the node device 20 can be accessed using a predetermined communication protocol, and information for authentication check can be acquired from a predetermined location. In order to acquire authentication check information from a predetermined location, it is necessary to succeed in authentication in the node device 20. As described with reference to FIG. 6, each communication protocol is associated with one or more pieces of access information (user ID, password) in advance.
  • the system management apparatus 10 tries each access information for each communication protocol in order for the target plug-in, and tries to acquire authentication check information from a predetermined location (S61).
  • the system management apparatus 10 determines whether or not the authentication check condition is satisfied (S62). If the information for authentication check cannot be acquired from the target device even after trying all the access information for each communication protocol (S62: NO), the system management device 10 sets “false” in the corresponding applied flag 103822. And the plug-in application state management table 1038 is updated (S66).
  • the system management device 10 When the authentication check information can be read from the predetermined location of the target device (S62: YES), the system management device 10 tries to acquire the instance check information from the target device (S63).
  • the instance check information is predetermined information defined in the instance check condition 10333, and corresponds to, for example, a version number.
  • the instance check is a final inspection for confirming that the target plug-in can be applied to the target device.
  • the system management apparatus 10 accesses the target apparatus again using the communication protocol and the access information that were successful in S62, and acquires instance check information from another predetermined location of the target apparatus.
  • the system management apparatus 10 determines whether or not the instance check information acquired from the target apparatus matches the instance check condition 10333 (S64). When the instance check condition is satisfied (S64: YES), the system management apparatus 10 applies the target plug-in to the target apparatus (S65). In S65, the system management apparatus 10 sets “true” in the corresponding applied flag 103822, and updates the plug-in application state management table 1038.
  • the system management apparatus 10 sets “false” to the corresponding applied flag 103822, and updates the plug-in application state management table 1038 (S66). .
  • FIG. 22 is a flowchart of the result display process. This process corresponds to step S13 in FIG. This processing is realized by executing the result display program 1028.
  • the system management device 10 acquires a list of node devices from the node management table 1031 (S70), and executes S72 and S73 for all node devices (S71).
  • the system management apparatus 10 displays plug-in application results for all plug-ins (S72) (S73).
  • FIG. 23 is an example of a screen G10 displaying the plug-in application result.
  • the result display screen G10 includes, for example, a status G101, a node name G102, a plug-in name G103, a communication protocol G104, access information G105, a date and time G106, and a description G107.
  • Status G101 indicates whether a plug-in is applied to the node device. When “OK” is set, it indicates that the plug-in is applied to the node device. When “Error” is set, it indicates that the plug-in cannot be applied to the node device.
  • the communication protocol G104 indicates a communication protocol used by the plug-in to acquire information from the node device.
  • the access information G105 indicates information used for authentication processing in the node device.
  • the date and time G106 indicates the date and time when the plug-in can be applied.
  • the explanation G107 is a message indicating the result of plug-in applicability. When the plug-in is applied, for example, a message “success” is displayed. If the pre-check cannot be passed, for example, a message “This is a non-target node” is displayed. If the authentication check is not passed, for example, a message “No corresponding authentication information” is displayed. The authentication information is access information. If the instance check does not pass, for example, a message “The node has been excluded as a result of the instance check” is displayed.
  • FIG. 24 shows the node management screen G20.
  • the node management screen G20 is a screen for managing each node device 20 to be managed.
  • the node management screen G20 includes, for example, the plug-in application result display screen G10, the node list screen G30, and the monitoring screen G40 described with reference to FIG.
  • the node list screen G30 displays a list of attributes such as the IP address, node name, access information, device type, node description, and discovery status of each node.
  • the monitoring screen G40 displays a monitoring result based on status information and / or performance information acquired from each node device. For example, an icon or the like indicating the occurrence of an abnormal state is displayed on a node device in which an abnormal state has occurred. Furthermore, an icon or the like for alerting the user is displayed on the node device in which a state such as a memory shortage has occurred.
  • the system management device 10 applies the plug-in by performing a pre-check based on basic information and detailed information that can be collected in advance from each node device 20 without using the plug-in.
  • Narrow down candidate node devices From among many node devices included in the computer system, it is possible to narrow down to the node devices 20 to which the plug-in can be applied, and determine whether the plug-in can be applied. Therefore, it is possible to reduce the time required to determine whether or not plug-in application is possible, and to improve management efficiency.
  • an authentication check is performed on a node device that has passed the pre-check, and an instance check is performed only when the authentication check is passed. It is assumed that the authentication check processing time is shorter than the instance check processing time, but this need not be the case.
  • the instance check is performed only for the node device that has passed the authentication check. As a result, the time required for the authentication check and the instance check can be shortened. This is because the instance check is not performed for the node device for which the authentication check has failed.
  • the authentication check process is typically a process for determining whether or not the authentication information stored in the system management apparatus can be used, but this need not be the case. For example, a process that is not directly related to the availability of the authentication information may be included, or a part of the process that contributes to the determination of the availability of the authentication information may be the instance check process. Of course, all or part of the processing to be performed in the instance check for other reasons may be integrated into the authentication check, or conversely, all or part of the processing to be performed in the authentication check may be integrated into the instance check.
  • FIG. 25 and 26 A second embodiment will be described with reference to FIGS. 25 and 26.
  • FIG. 25 and 26 Each of the following embodiments, including the present embodiment, corresponds to a modification of the first embodiment, and will be described with a focus on differences from the first embodiment.
  • the result of the authentication check is recorded, and the result is used for the authentication check in the next target plug-in.
  • FIG. 25 is a flowchart of plug-in application processing to the target device. This process is executed in S54 of FIG. 20 instead of the process shown in FIG.
  • the system management apparatus 10 executes S81-S88 described later for all plug-ins (S81).
  • the system management apparatus 10 pre-checks the combination of the target plug-in and the target apparatus (S81), and determines whether the target apparatus satisfies the pre-check condition (S82). If the pre-check condition is not satisfied (S82: NO), the process is once terminated and the process proceeds to the next target plug-in (S80).
  • the system management device 10 executes S84, S85, and S89 for all access information that is not invalid (S83). Reference is now made to FIG.
  • FIG. 26 shows an example of the access information management table 1032A.
  • This table 1032A includes, for example, an access information ID 103221, an access information name 103222, a user ID 103223, a password 103224, other information 10322A, and an application result 10322B for each node device.
  • Other information 10322A indicates the used flag 103225, the communication port number 103226, the community name 103227, and the name space 103228 shown in FIG. Due to space limitations, the above items 103225-103228 are displayed as other information 10322A.
  • the application result 10322B for each node device indicates whether or not the access information can be used for the node device, that is, whether or not the node device is successfully authenticated with the access information.
  • “invalid” is set in the application result 10322B of the node device that has failed the authentication.
  • the system management apparatus 10 refers to the application result 10322B of the access information management table 1032A shown in FIG. 26 and performs an authentication check using all access information for which “invalid” is not set (S84). It is clear that the access information set to “invalid” cannot be used in the target device, and there is no point in trying. By performing the authentication check only on access information that is not “invalid”, the time required for the authentication check can be shortened.
  • the system management apparatus 10 sets “invalid” to the application result 10322B of the target apparatus that has failed authentication for the access information that has failed authentication.
  • S84, S85, and S89 are executed until all access information for which “invalid” is not set in the application result 10322B is tried. Therefore, as the processing shown in FIG. 25 progresses, usable access information (access information not set to invalid) is narrowed down.
  • the system management device 10 performs an instance check (S86).
  • the system management apparatus 10 determines whether the target apparatus satisfies the instance check condition (S87).
  • the system management device 10 acquires predetermined information (one or more of configuration information, performance information, and status information) from the target device (S88). .
  • This embodiment configured as described above also has the same effect as the first embodiment. Further, in the present embodiment, the result (success / failure) of the target plug-in authentication processing for the target device is recorded in the table 1032A, and the result of the authentication processing is obtained in the next combination of the target plug-in and the target device. Use it for authentication processing. Therefore, the number of pieces of access information to be tried in the authentication check process (S84) can be narrowed down, and the time required for the authentication check can be shortened.
  • the access information for each node device is preferably changed periodically. This is because the possibility of unauthorized access increases as the same access information is used for a longer period of time. Therefore, the user changes the access information of each node device regularly or irregularly. Normally, when the access information is changed, the time required for the authentication check becomes longer.
  • the target devices are narrowed down by pre-check, and further, the authentication check is performed using only the access information that has not been determined to be invalid, so even if the access information is changed relatively frequently
  • the authentication check can be executed relatively quickly.
  • FIG. 27 is a flowchart of the plug-in application processing to the target device according to this embodiment. This process includes all steps S80 to S89 shown in FIG. Further, S90 to S92 are newly added to this process. Therefore, a new configuration will be described.
  • the system management device 10 acquires the access information used last time for the target device (S90) and performs an authentication check (S91). If authentication with the target device is successful with the previous access information (S92: YES), the process proceeds to instance check (S86). If authentication with the target device is not successful with the previous access information (S92: NO), the process proceeds to S83, and an authentication check is performed using all access information that is not set to invalid for the target device (S84). ).
  • This embodiment configured as described above also has the same effect as the first embodiment and the second embodiment. Furthermore, in this embodiment, since the access information used last time is tried first, the time required for the authentication check can be made shorter than in the second embodiment.
  • a fourth embodiment will be described with reference to FIGS.
  • an operation for solving the failure is guided to the user, and the user is supported.
  • FIG. 28 shows the system management apparatus 10A of the present embodiment.
  • the system management apparatus 10A Compared to the system management apparatus 10 shown in FIG. 3, the system management apparatus 10A newly includes an access information addition program 1027A and an access information correction program 1027B instead of the access information registration program 1027.
  • the access information addition program 1027A is a program for newly creating access information and additionally registering it in the access information management table 1032.
  • the access information correction program 1027B is a program for correcting the access information registered in the access information management table 1032.
  • FIG. 29 shows an example of the plug-in application result display screen G10A included in the node management screen G20.
  • the monitoring screen G40 is not shown, but the node management screen G20 can include a monitoring screen G40.
  • the solution button B21 is displayed on the screen G10A displaying the plug-in application result.
  • an authentication error resolution screen G50 shown in FIG. 30 is displayed.
  • the authentication error resolution screen G50 is a screen for displaying a node device or the like that has failed the authentication check and assisting the user in solving it.
  • the authentication error resolution screen G50 includes, for example, a communication protocol display unit G501, an error occurrence node display unit G502, an unused access information display unit G503, and an access information addition unit G504.
  • the authentication error resolution screen G50 teaches the user how to resolve errors for each communication protocol.
  • the error occurrence node display unit G502 displays the name of the node device in which the authentication error has occurred in the communication protocol.
  • the unused access information display unit G503 displays a correction button B51 for correcting access information that is not used by any node device among access information previously associated with the communication protocol. Is done. The name of the unused access information is displayed on the correction button B51.
  • the fact that there is a node device that has failed in authentication indicates that there is a possibility that there is an error in the description of the access information that is not used. For example, it indicates the possibility that the user ID or password on the node device side has been changed, or the possibility that there is an input error in the access information registered in the system management device. Accordingly, the correction button B51 is displayed. When the user operates the correction button B51, a correction screen G60 described later is displayed.
  • an add button B52 for additionally registering new access information is displayed.
  • an add screen G70 described later is displayed.
  • buttons B51 and B52 are displayed in a communication protocol in which no node device in which an error has occurred.
  • FIG. 31 shows a correction screen G60.
  • the user reads and corrects the setting value of the existing access information from the access information management table 1032 (or 1032A).
  • an ID and a password are displayed as an example of the WMI protocol, but in the case of other protocols, a port number, a community name, and a name space may be displayed.
  • FIG. 32 shows an addition screen G70.
  • the user creates the access information by inputting the name of the access information to be newly created, the user ID, and the password, and stores them in the access information management table 1032 (or 1032A). Note that only one of the user ID and password may be set.
  • FIG. 33 shows processing for displaying the resolution screen G50.
  • the system management apparatus 10A executes S101 to S107 described later for all communication protocols used for node monitoring (S100).
  • a communication protocol to be processed is called a target protocol.
  • the system management device 10A uses the plug-in application state management table 1038 to search for a node device in which an authentication error has occurred in the target protocol (S101).
  • the system management device 10A determines whether there is a node device in which an authentication error has occurred (S102). If there is no node device in which an authentication error has occurred (S102: NO), this process is temporarily terminated and the process proceeds to the next target protocol (S100).
  • the system management device 10A searches for access information that is not used by any node device in the target protocol (S104). The system management device 10A detects unused access information by comparing the access information management table 1032 (or 1032A) with the plug-in application state management table 1038.
  • the system management apparatus 10A displays the correction button B51 on the display unit G503 (S106).
  • S106 is skipped.
  • the system management apparatus 10A displays an add button G504 on the adder G504, terminates the process, switches the target protocol to the next communication protocol, and executes the steps from S101 onward.
  • This embodiment configured as described above is combined with any of the first, second, and third embodiments to improve user convenience.
  • the user can quickly correct or add the access information for the node device in which the authentication error has occurred, and can solve the authentication error at an early stage.
  • 1, 10, 10A system management device (management system), 2, 20: managed device (node device), 30: input / output terminal, 40: distribution device, 30: system management device

Abstract

Dispositif de gestion permettant de gérer un système informatique adapté à mémoriser des informations de configuration relatives à une pluralité de dispositifs de gestion cibles en fonction d'une pluralité d'éléments de premières informations reçus de la pluralité de dispositifs de gestion cibles. Le dispositif de gestion détermine s'il convient d'obtenir une pluralité d'éléments de secondes informations auprès de la pluralité de dispositifs de gestion cibles en utilisant une pluralité d'éléments d'informations composantes supplémentaires, en fonction des informations de configuration et d'une pluralité d'éléments d'informations d'état d'applications composantes supplémentaires. Si le dispositif de gestion détermine qu'il convient d'obtenir les informations, il utilise la pluralité d'éléments d'informations composantes supplémentaires pour recevoir la pluralité d'éléments de secondes informations provenant de la pluralité de dispositifs de gestion cibles, et crée ou met à jour des informations permettant de gérer la pluralité de dispositifs de gestion cibles en fonction de la pluralité d'éléments de secondes informations.
PCT/JP2010/060999 2010-06-28 2010-06-28 Système de gestion et procédé de gestion pour système informatique WO2012001762A1 (fr)

Priority Applications (4)

Application Number Priority Date Filing Date Title
CN201080066369.2A CN102859505B (zh) 2010-06-28 2010-06-28 管理系统以及计算机系统的管理方法
PCT/JP2010/060999 WO2012001762A1 (fr) 2010-06-28 2010-06-28 Système de gestion et procédé de gestion pour système informatique
US12/937,961 US8553564B2 (en) 2010-06-28 2010-06-28 Management system and computer system management method
JP2012522368A JP5406988B2 (ja) 2010-06-28 2010-06-28 管理システム及び計算機システムの管理方法

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2010/060999 WO2012001762A1 (fr) 2010-06-28 2010-06-28 Système de gestion et procédé de gestion pour système informatique

Publications (1)

Publication Number Publication Date
WO2012001762A1 true WO2012001762A1 (fr) 2012-01-05

Family

ID=45353585

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2010/060999 WO2012001762A1 (fr) 2010-06-28 2010-06-28 Système de gestion et procédé de gestion pour système informatique

Country Status (4)

Country Link
US (1) US8553564B2 (fr)
JP (1) JP5406988B2 (fr)
CN (1) CN102859505B (fr)
WO (1) WO2012001762A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015162717A (ja) * 2014-02-26 2015-09-07 富士通株式会社 通信システム、管理装置、および通信設定方法

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012104063A (ja) * 2010-11-12 2012-05-31 Fuji Xerox Co Ltd サービス処理装置、サービス処理システム及びプログラム
TW201222273A (en) * 2010-11-29 2012-06-01 Inventec Corp Computer system and method for managing computer device
JP5657604B2 (ja) * 2012-05-17 2015-01-21 株式会社日立ソリューションズ 端末管理システム、管理サーバ及び方法
US10574744B2 (en) * 2013-01-31 2020-02-25 Dell Products L.P. System and method for managing peer-to-peer information exchanges
US9552245B1 (en) * 2014-10-28 2017-01-24 Intuit Inc. Resolving errors that arise while accessing online user accounts
CN104618474B (zh) * 2015-01-27 2018-12-25 新华三技术有限公司 设备信息保存方法以及装置
US20230308439A1 (en) * 2022-03-22 2023-09-28 Cisco Technology, Inc. Distributed hierarchical authentication of system component identities

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001060180A (ja) * 1999-07-09 2001-03-06 Hewlett Packard Co <Hp> 装置制御用オペレーションオブジェクトインタフェースを使用する周辺システム管理のためのシステムおよび方法
JP2007041803A (ja) * 2005-08-02 2007-02-15 Canon Inc ネットワーク機器及びその制御方法とネットワークシステム、及びその制御方法をコンピュータに実行させるためのプログラム及び該プログラムを記憶した記憶媒体
JP2010072873A (ja) * 2008-09-17 2010-04-02 Ricoh Co Ltd ネットワーク管理装置、ネットワーク管理方法、ネットワーク管理プログラム、及び記録媒体

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6138122A (en) 1998-03-02 2000-10-24 Agilent Technologies Modeling of internet services
JP2000172600A (ja) 1998-12-03 2000-06-23 Canon Inc ネットワーク構成調査方法、ネットワーク機器制御方法及びその装置
US6917288B2 (en) 1999-09-01 2005-07-12 Nettalon Security Systems, Inc. Method and apparatus for remotely monitoring a site
JP3617406B2 (ja) 2000-03-30 2005-02-02 日本電気株式会社 マルチドメインに対応した品質保証型通信サービス提供方式およびサービス提供方法並びにサービス仲介装置
JP2003044325A (ja) * 2001-08-01 2003-02-14 Hitachi Ltd 資産管理装置
US7181510B2 (en) 2002-01-04 2007-02-20 Hewlett-Packard Development Company, L.P. Method and apparatus for creating a secure embedded I/O processor for a remote server management controller
US7506048B1 (en) * 2002-06-05 2009-03-17 Ricoh Co. Ltd. Method and system for monitoring network connected devices and displaying device status
JP4054626B2 (ja) * 2002-07-18 2008-02-27 オリンパス株式会社 情報端末装置、及びプログラム
US7346678B1 (en) 2002-11-14 2008-03-18 Web Ex Communications, Inc. System and method for monitoring and managing a computing service
US20050204032A1 (en) 2003-07-17 2005-09-15 Attaullah Mirza-Baig Remote device management of software only solution
JP2005175736A (ja) 2003-12-10 2005-06-30 Toshiba Corp 登録情報取得装置及び登録情報取得プログラム
JP2005174244A (ja) 2003-12-15 2005-06-30 Canon Inc ネットワークデバイス管理装置およびネットワークデバイス管理方法およびコンピュータが読み取り可能なプログラムを格納した記憶媒体およびプログラム
US20050216578A1 (en) 2004-03-29 2005-09-29 Jim Thompson Methods, devices and computer program products using a node affiliation protocol for monitoring and/or controlling networkable devices
US7966391B2 (en) 2004-05-11 2011-06-21 Todd J. Anderson Systems, apparatus and methods for managing networking devices
JP4590229B2 (ja) 2004-08-17 2010-12-01 株式会社日立製作所 ポリシルール管理支援方法およびポリシルール管理支援装置
US7502848B2 (en) 2004-08-27 2009-03-10 Ricoh Company Ltd. Method of creating a data processing object associated with a communication protocol used to extract status information related to a monitored device
US8885539B2 (en) 2005-01-26 2014-11-11 Hewlett-Packard Development Company, L.P. Configurable quality-of-service support per virtual access point (VAP) in a wireless LAN (WLAN) access device
JP2006277446A (ja) 2005-03-30 2006-10-12 Matsushita Electric Ind Co Ltd デバイスドライバ及びアプリケーションソフトウェアの提供システム
JP5074709B2 (ja) * 2006-01-18 2012-11-14 株式会社Pfu 対象機器、機器管理システム、機器管理方法および外部装置
JP4960782B2 (ja) * 2007-07-03 2012-06-27 キヤノン株式会社 情報処理装置及びそれを制御する方法及びプログラム
JP2009053862A (ja) 2007-08-24 2009-03-12 Hitachi Ltd 情報処理システム、データ形式変換方法、およびプログラム
JP2009217497A (ja) 2008-03-10 2009-09-24 Oki Electric Ind Co Ltd 汎用サーバおよびそのコマンドガード方法
JP2010286891A (ja) 2009-06-09 2010-12-24 Canon Inc デバイス管理装置、制御方法、及びプログラム
JP5266590B2 (ja) * 2009-09-18 2013-08-21 株式会社日立製作所 計算機システムの管理方法、計算機システム及びプログラム

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001060180A (ja) * 1999-07-09 2001-03-06 Hewlett Packard Co <Hp> 装置制御用オペレーションオブジェクトインタフェースを使用する周辺システム管理のためのシステムおよび方法
JP2007041803A (ja) * 2005-08-02 2007-02-15 Canon Inc ネットワーク機器及びその制御方法とネットワークシステム、及びその制御方法をコンピュータに実行させるためのプログラム及び該プログラムを記憶した記憶媒体
JP2010072873A (ja) * 2008-09-17 2010-04-02 Ricoh Co Ltd ネットワーク管理装置、ネットワーク管理方法、ネットワーク管理プログラム、及び記録媒体

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015162717A (ja) * 2014-02-26 2015-09-07 富士通株式会社 通信システム、管理装置、および通信設定方法

Also Published As

Publication number Publication date
US20110320599A1 (en) 2011-12-29
JP5406988B2 (ja) 2014-02-05
US8553564B2 (en) 2013-10-08
CN102859505A (zh) 2013-01-02
CN102859505B (zh) 2015-08-26
JPWO2012001762A1 (ja) 2013-08-22

Similar Documents

Publication Publication Date Title
JP5406988B2 (ja) 管理システム及び計算機システムの管理方法
US9077544B2 (en) Automatic provisioning of authentication credentials
US20140207929A1 (en) Management apparatus and management method
US20120297059A1 (en) Automated creation of monitoring configuration templates for cloud server images
US8756385B2 (en) Software configuration item back-up facility
US8271638B2 (en) Node management apparatus and method
US11635971B2 (en) Scalable life-cycle maintenance of hardware
US8640209B2 (en) Authentication information change facility
US10257250B2 (en) Management system, server, client, and method thereof
US10659331B2 (en) Network system, device management method, network device, control method thereof, and non-transitory computer-readable medium
US8838790B2 (en) Configuration value management apparatus and management method
CN112714166B (zh) 分布式存储系统的多集群管理方法及装置
US10581830B2 (en) Monitoring device, control method, and recording medium
US10735937B2 (en) Management apparatus, mobile terminal, and methods thereof
US20210075701A1 (en) Method and system for onboarding a virtual network function package utilized by one or more network services
JP5157775B2 (ja) ネットワーク管理装置、ネットワーク管理方法、ネットワーク管理プログラム、及び記録媒体
US20190385122A1 (en) System and method for the same
CN110609763B (zh) 管理和执行数据备份作业的方法、电子设备和计算机可读介质
JP5501185B2 (ja) 管理システム、デバイス管理方法、及び遠隔管理装置
JP6751236B2 (ja) 情報処理装置、設定情報一覧表作成方法およびプログラム
US20230188615A1 (en) Device management system, information processing device, device, device management method, and medium
JP2018060259A (ja) 情報処理装置、情報処理システム、ユーザ認証方法、およびユーザ認証プログラム
JP2020036097A (ja) 設定情報管理装置、設定情報管理方法、及びプログラム
JP5970919B2 (ja) 臨床試験の情報の登録制御プログラム、臨床試験の情報の登録制御方法及び臨床試験の情報の登録制御サーバ
JP5810864B2 (ja) 機器識別装置、機器識別システム、機器識別方法、機器識別プログラム、及び記憶媒体

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201080066369.2

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 12937961

Country of ref document: US

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10854059

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2012522368

Country of ref document: JP

Ref document number: 7972/CHENP/2012

Country of ref document: IN

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10854059

Country of ref document: EP

Kind code of ref document: A1